Sitting with the C-Suite: eDiscovery Priorities – Thoughts on the Next Five Years
Jones Day Presents: Effect of GDPR, CCPA, and FTC on Blockchains
E14: The Three Pillars of GDPR
E13: GDPR Wedding Day & Beyond
E12: GDPR Article 22 and Automated Decision Making
E8: Interview with Cookiebot CEO on Technical Solutions to GDPR Readiness
On April 8, the National Security Division of the U.S. Department of Justice’s (DOJ) new rule on cross-border data transfers takes effect. It restricts U.S. businesses from transferring certain bulk sensitive personal data to...more
While the definition of sensitive personal information in China has always been different to other jurisdictions, with a focus on risk of harm at its heart, new draft guidance should make it easier for organisations to map...more
In Part I of our alert about China’s new safe harbor rules, we discussed key developments between the draft Provisions on Regulating and Facilitating Cross-Border Data Flow (Chinese version only) and the Provisions on...more
Six months after the Cyberspace Administration of China (the CAC) sought public consultation on the draft Provisions on Regulating and Facilitating Cross-Border Data Flow (the Draft Provisions, Chinese version only), the...more
Chinese government data privacy officials recently implemented Guidelines for Filing of Standard Contracts for Export of Personal Information that carry significant consequences for non-compliance – which means organizations...more
The compliance grace period for China’s cross-border data security assessment measures has expired — but many international companies with operations or employees in China are still not compliant. In light of the diminishing...more
On February 24, 2023, the Cyberspace Administration of China (CAC) released the final version of the Measures on the Standard Contract for the Cross-Border Transfer of Personal Information, accompanied by a standard contract...more
In our previous posts, we discussed what data export activities are subject to scrutiny assessment (CAC Assessment) conducted by the Cyberspace Administration of China (CAC) (see Part 1) and examined what companies must do...more
With the rapid development of the global digital economy, multinational companies (MNCs) have been forced to find legally compliant ways to transfer data across borders. In the past, many MNCs relied on data transfer...more
The transfer mechanisms drive home China’s focus on data localization, as the measures all set forth cumbersome procedures and requirements, including security assessments and required contractual considerations. Despite...more
Last week’s blog detailed the wave of state legislation that occurred in the U.S. during 2021. It is no surprise that there were also many data privacy developments abroad. It is crucial that organizations affected by...more
China had a lot of legislative movement in the area of data privacy this year. On June 10, 2021, the Data Security Law (DSL) was passed and it became effective on Sept. 1, 2021. This is a broader law applying to data...more
Multinational pharmaceutical companies, by nature of their business, handle a great deal of data, often transferred across borders, whether based on research, clinical trial data, and employee personal data....more
China’s Personal Information Protection Law (PIPL or the final version), following the first two readings in October 2020 and April 2021, was adopted on August 20, 2021 and will become effective on November 1, 2021. The final...more
China’s long-awaited Personal Information Protection Law (PIPL), after two rounds of draft versions, was finally passed by the Standing Committee of the National People's Congress on August 20, 2021, with the law effective...more